Improve AccessControlDefaultAdminRules admin transfer delay change logic
#1567
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) from 6.0.1 to 7.0.0. - [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases) - [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md) - [Commits](stefanzweifel/git-auto-commit-action@778341a...28e16e8) --- updated-dependencies: - dependency-name: stefanzweifel/git-auto-commit-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* feat: update to 0.51.0 * feat: update CHANGELOG * Update packages/testing/src/common.cairo Co-authored-by: Copilot <[email protected]> * feat: update to 0.51.1 --------- Co-authored-by: Copilot <[email protected]>
* feat: update to 0.51.0 * feat: update CHANGELOG * Update packages/testing/src/common.cairo Co-authored-by: Copilot <[email protected]> * feat: update CHANGELOG * Bump openzeppelin_testing version to 6.0.0 and update docs * feat: update to 0.51.1 --------- Co-authored-by: Copilot <[email protected]> Co-authored-by: ericnordelo <[email protected]>
Co-authored-by: ericnordelo <[email protected]>
* feat: update to 0.51.0 * feat: update CHANGELOG * Update packages/testing/src/common.cairo Co-authored-by: Copilot <[email protected]> * feat: remove the feature * feat: update to 0.51.1 --------- Co-authored-by: Copilot <[email protected]>
Signed-off-by: vastonus <[email protected]>
Bumps [crate-ci/typos](https://github.com/crate-ci/typos) from 1.38.1 to 1.39.0. - [Release notes](https://github.com/crate-ci/typos/releases) - [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md) - [Commits](crate-ci/typos@80c8a49...07d900b) --- updated-dependencies: - dependency-name: crate-ci/typos dependency-version: 1.39.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump snforge version to 0.51.2 * Add changelog entry for snforge update to 0.51.2
Co-authored-by: immrsd <[email protected]>
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR adds a maximum transfer delay validation to the AccessControlDefaultAdminRules component to prevent accidentally setting an excessively high admin transfer delay that could lock the contract for an extended period.
Key changes:
- Introduces
MAXIMUM_TRANSFER_DELAYconstant (set to 30 days by default) in theImmutableConfigtrait - Adds validation in both
initializerandchange_default_admin_delayfunctions to enforce the maximum delay - Renames
INVALID_DELAYerror constant toINVALID_GRANT_ROLE_DELAYfor clarity
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| packages/access/src/accesscontrol/extensions/accesscontrol_default_admin_rules.cairo | Implements the maximum transfer delay validation logic, adds the new MAXIMUM_TRANSFER_DELAY constant, updates documentation, and renames error constant |
| packages/access/src/tests/test_accesscontrol_default_admin_rules.cairo | Adds test cases to verify that delays exceeding the maximum are properly rejected in both initialization and delay change scenarios |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
packages/access/src/accesscontrol/extensions/accesscontrol_default_admin_rules.cairo
Show resolved
Hide resolved
Contributor
🧪 Cairo Contract Size Benchmark DiffBYTECODE SIZE (felts) (limit: 81,920 felts)
SIERRA CONTRACT CLASS SIZE (bytes) (limit: 4,089,446 bytes)
This comment was generated automatically from benchmark diffs. |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## v3.0.0-rc #1567 +/- ##
=============================================
- Coverage 92.38% 92.37% -0.02%
=============================================
Files 83 85 +2
Lines 2272 2282 +10
=============================================
+ Hits 2099 2108 +9
- Misses 173 174 +1
... and 3 files with indirect coverage changes Continue to review full report in Codecov by Sentry.
🚀 New features to boost your workflow:
|
immrsd
reviewed
Nov 12, 2025
Collaborator
immrsd
left a comment
immrsd
left a comment
There was a problem hiding this comment.
Looking good, left a couple of minor comments
packages/access/src/accesscontrol/extensions/accesscontrol_default_admin_rules.cairo
Show resolved
Hide resolved
| start_cheat_caller_address(contract_address, ADMIN); | ||
| state.change_default_admin_delay(new_delay); | ||
| } | ||
|
|
Collaborator
There was a problem hiding this comment.
Can we add a test case testing the successful recovery flow after setting a high delay value?
Member
Author
There was a problem hiding this comment.
There is no a specific flow for that, you can recover by decreasing the delay as you would do before, the new constraint is that you can't set a value over the configurable maximun, and as long as that value makes sense (as documented), you should be able to recover by decreasing.
I'm adding some tests to ensure the delay can't be set greater than this maximun.
bidzyyys
approved these changes
Nov 18, 2025
immrsd
added a commit
that referenced
this pull request
Dec 25, 2025
* Improve `AccessControlDefaultAdminRules` admin transfer delay change logic (#1567) * Chore(deps): Bump stefanzweifel/git-auto-commit-action (#1553) Bumps [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) from 6.0.1 to 7.0.0. - [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases) - [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md) - [Commits](stefanzweifel/git-auto-commit-action@778341a...28e16e8) --- updated-dependencies: - dependency-name: stefanzweifel/git-auto-commit-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update foundry to 0.51.0 (#1555) * feat: update to 0.51.0 * feat: update CHANGELOG * Update packages/testing/src/common.cairo Co-authored-by: Copilot <[email protected]> * feat: update to 0.51.1 --------- Co-authored-by: Copilot <[email protected]> * Release openzeppelin_testing v6.0.0 (#1556) * feat: update to 0.51.0 * feat: update CHANGELOG * Update packages/testing/src/common.cairo Co-authored-by: Copilot <[email protected]> * feat: update CHANGELOG * Bump openzeppelin_testing version to 6.0.0 and update docs * feat: update to 0.51.1 --------- Co-authored-by: Copilot <[email protected]> Co-authored-by: ericnordelo <[email protected]> * Update contract sizes benchmark (#1559) Co-authored-by: ericnordelo <[email protected]> * Remove the coverage_incompatible feature (#1558) * feat: update to 0.51.0 * feat: update CHANGELOG * Update packages/testing/src/common.cairo Co-authored-by: Copilot <[email protected]> * feat: remove the feature * feat: update to 0.51.1 --------- Co-authored-by: Copilot <[email protected]> * chore: remove repetitive word in comment (#1561) Signed-off-by: vastonus <[email protected]> * Chore(deps): Bump crate-ci/typos from 1.38.1 to 1.39.0 (#1562) Bumps [crate-ci/typos](https://github.com/crate-ci/typos) from 1.38.1 to 1.39.0. - [Release notes](https://github.com/crate-ci/typos/releases) - [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md) - [Commits](crate-ci/typos@80c8a49...07d900b) --- updated-dependencies: - dependency-name: crate-ci/typos dependency-version: 1.39.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump snforge to 0.51.2 (#1563) * Bump snforge version to 0.51.2 * Add changelog entry for snforge update to 0.51.2 * Bump Cairo to v2.13.1 (#1565) * Update contract sizes benchmark (#1566) Co-authored-by: immrsd <[email protected]> * feat: improve logic * feat: apply review comments * feat: update CHANGELOG --------- Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: vastonus <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Copilot <[email protected]> Co-authored-by: ericnordelo <[email protected]> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: vastonus <[email protected]> Co-authored-by: immrsd <[email protected]> * Add a note clarifying EIP-6372 clock bounds (#1600) * Remove unused NEGATIVE_FEE error code (#1599) * Clarify `ERC-4626` fees flow (#1602) * Add a note to ERC4626HooksTrait * Add clarifying comments to ERC4626 mocks * Clarify `Governor` voting start (#1598) * Add doc requirement clarifying that voting starts only after snapshot * Mint initial supply at deployment for Votes mocks * Add additional test cases for block-number-based governor voting * Add additional test cases for timestamp-based governor voting * Format files * Governor: fix state at snapshot (#1606) * Make state resolving logic consistent with Solidity * Fix timestamp in Governor tests * Add tests checking Governor Pending state at snapshot timestamp * Add changelog entry * Format files * Fix changelog entry * Extract duplicated logic into helper func in tests * Reduce number of fuzzer runs * Fix setup-snfoundry version in tests workflow * Set number of fuzzer runs to 200 * Fix setup-snfoundry version * Add v3.0.0 audit report (#1612) * Add v3.0.0 updates to changelog * Bump version to 3.0.0 and update presets page * Update version of utils and interfaces modules to 2.1.0 * Update readmes * Fix root dir in update-readme script * Fix version in MetaTransactionV0 preset --------- Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: vastonus <[email protected]> Co-authored-by: Eric Nordelo <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Copilot <[email protected]> Co-authored-by: ericnordelo <[email protected]> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: vastonus <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.